Hi, I'm new here. Really excited about bitcoins, looking for a project to get behind. I'm a c++ developer originally (25 years or so). been doing php/mysql work for the last 10 years. I've written apps for verifone credit card terminals which might be an asset to someone looking to develop a card app for bitcoins.

so anyway, hit me up. I'm looking to make some business/development friends here.

Welcome! I don't know exactly what stage it's at, but Casascius has been working on a Bitcoin POS system based on the VeriFone Vx510 or Vx570. Here's a wiki article on it, with links to some source on Github and a draft protocol spec.

He may be in need of willing merchants more than developers, but maybe he could use your expertise, so give him a PM!

I have personally developed some stuff for the VeriFone POS platform and am familiar with it.

I think I'm more in need of developers than merchants. I would like to write it, but I consider the code relatively high maintenance and would prefer to just design it, or at least help prod it along.

I regularly get contacted about it as though it's a real product and am fairly certain that there would be a huge business opportunity in simply selling units pre-loaded with the application, despite the fact that power users could probably figure out how to load it themselves. Those pre-loaded units could be locked down with "VeriShield"* which many customers would consider an advantage worth paying for. If the terminal simply adhered to some well-defined API, and then parties like BitPay, MtGox, etc. could offer the server side of the processing, the product could take off directly from the ground into the stratosphere.

(*VeriShield, for everyone else, is a solution where the hardware can be locked down to only run binaries signed by a specific developer using a private key on a VeriFone-provided smart card. Yes, I know how much DRM is hated in general, but buying a payment machine you know cannot be reloaded with a malicious app when you have your back to it has a value to many people... without it, in the default "jailbroken" state, so to speak, someone could come along and use a USB flash drive to reprogram the unit.)

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.

I think it needs to interact with full node (server) to keep with decentralized and independent nature of Bitcoin. The original POS article in Wiki is excellent. The proposal of Matthew N. Wright in Bitcointalk topic is pure brainfart combined with trolling, ignorance und misunderstanding of concept and possibilities.

MtGox or some other centralized processor is not good. Centralized payment processors can Mt.Goatse the accounts at will. The server running full node is hard to take down.

I think it needs to interact with full node (server) to keep with decentralized and independent nature of Bitcoin. The original POS article in Wiki is excellent. The proposal of Matthew N. Wright in Bitcointalk topic is pure brainfart combined with trolling, ignorance und misunderstanding of concept and possibilities.

MtGox or some other centralized processor is not good. Centralized payment processors can Mt.Goatse the accounts at will. The server running full node is hard to take down.

I'm not sure I take the position, in fact in a way I take the opposite. The sort of service you'd want to connect this to should also be able to buy and sell you bitcoins and be able to exchange them for dollars or other local currency. The unit shouldn't necessarily be locked to a single service provider (e.g. one should always be able to switch from MtGox to Bitpay or vice versa, just like changing your sim card in your mobile phone) but if a fundamental design requirement is that it has to hook to a user-controlled bitcoind and not a third party service, half the usefulness goes right out the window.

What is vital for this is the ability to pretend that bitcoins are "dollars" so that average-intelligence store clerks who can barely understand balancing a checkbook let alone the banking system can still accept it like a payment method and settle somebody's dollar-denominated amount due without the clerk being forced to manually care about exchange rates. Bitcoind cannot provide this service.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.

It can and it must get the Bitcoin price updates from online exchanges like MtGoatse. But the address generation, transaction verification and imported key storage must be done on user controlled server.

Bitcoin is all about having The Bank on Your computer (server node). Having this done in other way will backfire when Bitcoin becomes heavily regulated and controlled.

I think I'm more in need of developers than merchants. I would like to write it, but I consider the code relatively high maintenance and would prefer to just design it, or at least help prod it along.

<snip>

(*VeriShield, for everyone else, is a solution where the hardware can be locked down to only run binaries signed by a specific developer using a private key on a VeriFone-provided smart card. Yes, I know how much DRM is hated in general, but buying a payment machine you know cannot be reloaded with a malicious app when you have your back to it has a value to many people... without it, in the default "jailbroken" state, so to speak, someone could come along and use a USB flash drive to reprogram the unit.)

Ah, cool. I have no experience but it sounds like a fun project. I may get involved when I have the time and/or money (for a terminal.) I guess I (or anyone else) could work on planning/implementing the protocol without a terminal.

If the Bitcoin software is flashed and locked in, would that prevent standard card transactions?

Ah, cool. I have no experience but it sounds like a fun project. I may get involved when I have the time and/or money (for a terminal.) I guess I (or anyone else) could work on planning/implementing the protocol without a terminal.

If the Bitcoin software is flashed and locked in, would that prevent standard card transactions?

You would just not lock it in. The lockdown is actually meant to be done by whoever is managing the terminal - not so much the bank, but the credit card processing company. If a terminal is locked down and they want to run third party apps, it is simple as them signing and distributing the third party binaries. The signature gets provided in a separate .p7s file rather than being embedded into the binary itself, so there is no requirement that the developer sign the binaries themselves.

In practice, few processors actually lock down the whole terminal. Instead, if anything, they simply lock down access to the file system partition containing the app with a password, a feature the terminals support with the intent that they can host multiple simultaneous apps that needed to be protected from one another.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.